Add this repository to the GSA code inventory

[jfredrickson5]

(I work in GSA IT, Office of the CTO. I am submitting this as part of our work to ensure GSA complies with the new Federal Source Code Policy.)

GSA needs to create an inventory of all agency source code, whether open source or closed source. The inventory we create will appear on Code.gov. The inventory will contain basic information about each source code repository, but will not include the source code itself. Please read the implementation guide and use it to submit this repository to the inventory by December 5.

Basically, please do one of the following, the details of which are described in the implementation guide:

• Add a metadata file (.codeinventory.yml or .codeinventory.json) to this repository (optionally, use this tool to generate a metadata file)
• Submit your metadata via a form (only do this if you cannot add a metadata file to this repository)

Let me know if you would like me to open a PR with an example .codeinventory.yml file.

Please let me know if you have any questions.

Thanks!

---

References:

• GSA Open Source Implementation Guide
• GSA Open Source Policy
• Federal Source Code Policy

[joshbruce]

@jfredrickson5 - Hello. I am acting on behalf of the team and the program I support with oversight provided by @pammiller0 (Governance) and @BrianGilmanGSA (direct report).

Status:

1. We are acquiring an administrative email address under the GSA.gov domain to register with this request.
2. We are actively adding these guides as references to our processes, which should help us moving forward.

Questions, comments, concerns:

I do apologize if any of these questions are answered directly by the guides and policies above, I have not taken the opportunity to read them in-depth at this time.

1. This repository is here for reference purposes as of today and will be sunset within 6 months and is not considered production-ready. Therefore, is it necessary for this source to be registered in this manner?
2. The part of the SAM Web Design Standards which makes it a module (SASS and JavaScript) is being subsumed by its parent project for now. However, we would like to maintain the documentation website, which describes design standards (similar to The US Web Design Standards, from which the SAM Web Design Standards inherits). This integration is currently in progress and is planned to be completed within 3 months. Therefore, is it necessary for that source to be registered in this manner?
3. We also have multiple repositories contained within an Enterprise GitHub installation. Is it necessary to register those repositories in this manner as they do not exist within GitHub.com itself?

[jfredrickson5]

1. I would say if you are in the process of shutting down this repo, we don't need to inventory it. I opened the issue since GitHub was showing recent activity in the repo.

2. The OMB policy that requires us to do this is a bit ambiguous right now in terms of how we should account for projects vs repos. At this time, I would say you can submit just the overarching parent source code repo to the inventory. This may change later as the inventory requirements evolve. To submit to the inventory, you just need a .codeinventory.yml or .codeinventory.json file in the parent repo, or submit the repo's information using the online form.

3. Yes, we need to account for all source code at GSA, no matter where it is located. Since I do not have access to automatically scan GitHub Enterprise, if you could submit repos stored on there using the online form, that would be great. If there are too many repos for manual input, then maybe you would be willing to give me read access to do automatic scanning of GitHub Enterprise, or I can provide you the tools to do that yourself.